*
This is ONLY required by customers that upgraded to 4.0 HF1 and
manually copied and installed the OpenSSL and Apache RPMs from a
directory on the patch to enable TLS 1.1/1.2 support. The only
difference between 4.0 HF1 and 4.0 HF2 is that HF2 includes Apache and
OpenSSL updates to address the Heartbleed vulnerability defined byCVE-2014-0160. Anyone on 4.0 HF1 that did not manually update to this OpenSSL 1.0 version does not need to apply this update.

** This
is ONLY required by customers that upgraded to 4.0 HF1 and manually
copied and installed the OpenSSL and Apache RPMs from a directory on the
patch to enable TLS 1.1/1.2 support. The only difference between HF2
and HF3 is that we built OpenSSL in HF3 with FIPS 140 compliant
switches.

*** This Contains fixes for the following CVE's: CVE-2014-0224, CVE-2013-4322, CVE-2013-4286**** This includes a fix for CVE-2014-3511***** This includes fixes for the following CVE's: CVE-2014-5214, CVE-2014-5215,CVE-2014-5216, CVE-2014-3566